#!/bin/sh /etc/rc.common
START=50

run_shadowtunnel()
{
	##var defination
	local ipaddr
	local port
	local switch
	local udp
	local pwenable
	local passwd
	local dns_enable
	local localport
	local dns
	local mode
	local hour
	local reset
	local strategy
	local encrypt
	local hosts
	local cmd
	##var assignment
	config_get switch $1 switch
	config_get udp $1 udp
	config_get passwd $1 passwd
	config_get dns_enable $1 dns_enable
	config_get mode $1 mode
	config_get hour $1 hour
	config_get reset $1 reset
	config_get strategy $1 strategy
	config_get encrypt $1 encrypt
	hosts="-dns-hosts /tmp/st_hosts.dat"
	dns_forward="-dns-forward /tmp/dns_forward.dat"
	dns_forward_status=""
	localport="20369"
	dns="53"
	pwenable=`echo $passwd | wc -w`
	cmd="/usr/bin/shadowtunnel/shadowtunnel "
	##pre-treatment
	ip_result=`uci get /etc/config/shadowtunnel.@login[0].ipaddr | awk '{for(i=1;i<=NF;i++) printf " -f "$i}'`
	case $switch in
	enable)
		shutdown_process
		main_process
		;;
	disable)
		shutdown_process
		;;
	esac
	#####
}
dns_setting()
{
	case $1 in
		enable)
			uci delete dhcp.cfg02411c.nonegcache
			uci delete dhcp.cfg02411c.filterwin2k
			uci set dhcp.@dnsmasq[0].nonwildcard='0'
            uci set dhcp.@dnsmasq[0].port='5353'
			lan_ipaddr=`uci get network.lan.ipaddr`
			uci add_list dhcp.lan.dhcp_option="6,"$lan_ipaddr
			uci commit
            /etc/init.d/dnsmasq reload
			sleep 2
			;;

		disable)
			uci delete dhcp.@dnsmasq[0].nonwildcard
			uci delete dhcp.@dnsmasq[0].port
			uci set dhcp.cfg02411c.nonegcache='0'
			uci set dhcp.cfg02411c.filterwin2k='0'
			uci delete dhcp.lan.dhcp_option
			uci commit
			/etc/init.d/dnsmasq reload
			sleep 2
			;;
			
	esac
}
main_process()
{
	EXEC_PATH="/usr/bin/shadowtunnel/shadowtunnel "
	hosts_PATH="/tmp/st_hosts.dat"
	dns_forward_PATH="/tmp/dns_forward.dat"
	pwenable=`echo $passwd | wc -w`
	hosts_enable=`uci get shadowtunnel.@login[0].hosts | wc -w`
	dns_forward_enable=`uci get shadowtunnel.@login[0].dns_forward | wc -w`
	dns_arg=""
	passwd_arg=""
	udp_arg=""
	console_cmd=""
	case $udp in
		normal)
			;;
		udp)
			udp_arg="-U "
			;;
	esac
	case $pwenable in
		0)
			;;
		*)
			passwd_arg=" -p "${passwd}
			;;
	esac
	case $dns_enable in
		0)
			dns_setting disable
			dns_arg=" -dns :51097" #don't ask me why!
			;;
		*)
			dns_setting enable
			dns_arg=" -dns-server 8.8.8.8:53 -ttl 600 -cache /tmp/dnscache.dat -dns :"$dns
			;;
	esac
	case $mode in
        GFW)
            run_mode=GFW
			sh /etc/shadowtunnel/ipt.sh $localport $run_mode
			dns_setting enable
			dns_arg=" -dns-server 8.8.8.8:53 -ttl 600 -cache /tmp/dnscache.dat -dns :"$dns
			dns_forward_enable=1 ##open dns-forward
			dns_forward_status="GFW"
            ;;

        Global)
            run_mode=start
			sh /etc/shadowtunnel/ipt.sh $localport $run_mode
            ;;
		DNS)
			dns_setting enable
			dns_arg=" -dns-server 8.8.8.8:53 -ttl 600 -cache /tmp/dnscache.dat -dns :"$dns
			dns_forward_enable=1 ##open dns-forward
			dns_forward_status="DNS"
			;;
		CHN_ONLY)
			run_mode=CHN_ONLY
			sh /etc/shadowtunnel/ipt.sh $localport $run_mode
			dns_setting enable
			dns_arg=" -dns-server 127.0.0.1:5353 -ttl 600 -cache /tmp/dnscache.dat -dns :"$dns
			dns_forward_enable=1 ##open dns-forward
			dns_forward_status="CHN_ONLY"
			;;			
    esac
	case $dns_forward_enable in
		0)
			dns_forward=""
			;;
		*)
			rm -f ${dns_forward_PATH}
			uci get shadowtunnel.@login[0].dns_forward > ${dns_forward_PATH}
			case $dns_forward_status in
				GFW|DNS)
					echo "**.00000.com 0.0.0.0:5353" >> ${dns_forward_PATH}
					cat /etc/direct.txt >> ${dns_forward_PATH}
					;;
				CHN_ONLY)
					echo "**.00000.com 114.114.114.114:5353" >> ${dns_forward_PATH}
					cat /etc/direct.txt >> ${dns_forward_PATH}
					;;
				*)
					;;
			esac
			;;
	esac
	case $hosts_enable in
		0)
			hosts=""
			;;
		*)
			rm -f ${hosts_PATH}
			uci get shadowtunnel.@login[0].hosts > ${hosts_PATH}
			;;
	esac
	console_cmd=${EXEC_PATH}${udp_arg}"-E "${ip_result}" -l :"${localport}" "${dns_arg}${passwd_arg}" -lb-method "$strategy" -lb-hashtarget ""-m "$encrypt" "$hosts" "$dns_forward" -daemon -forever -redir -nolog"
	echo $console_cmd
	$console_cmd
	
}
shutdown_process()
{
	kill -9 $(pidof shadowtunnel)
	kill -9 $(pidof shadowtunnel)
	dns_setting disable 0
	iptables -t nat -X PROXY
	iptables -t nat -F PROXY
	ipset destroy ipchn
	##sh /etc/shadowtunnel/ipt.sh $ipaddr $localport stop
	/etc/init.d/firewall restart
	rm -f /tmp/st_hosts.dat
	echo "stoped"
}
start()
{
	sleep 5
	config_load shadowtunnel
	config_foreach run_shadowtunnel login
}

stop()
{
	echo "shadowtunnel has stoped."
}
